TYPO3: Howto share session / cookies between domains (one for each language )?

1
votes

I wonder if there's a way to tell TYPO3 to share the sessions / cookies between different domains?

We wrote an Extbase extension on a multi language / multi domain site. We store search words from a search form in the user session. If the user switches the page language, he should get the same results as before - Without the need to re-fill the search form.

One way would be to tell the browser to store several cookies at the same time - one for each domain/language. How can this be achieved with TYPO3 / Extbase?

1
session-cookiestypo3extbase

1 Answers

2
votes

By default, there is no way to set cookies for a different domain - not with or without TYPO3. This is a security measure implemented in every browser (or do you want me to set / read your cookies from yourbank.com when you visit my web site? ;-))

You have to create some helper script that does this for you. One way could be:

  • example.com is loaded
  • this page includes an iframe to a PHP script (or TYPO3 site, e.g. with eID) on example.org with a GET parameter storing being the session id
  • the script loaded from example.org reads the GET parameter and sets a cookie with that session id (or whatever parameter you want to transfer).
  • afterwards the cookie is also available when browsing example.org

I have never tried this, but I'm pretty sure it will work with PHP. Maybe it's even possible with pure JavaScript, but I'm not so sure. In every case, think about what security holes you get with the explained script. In doubt sign the parameters (or require a token)!